Google is coming through with its promise to turn on two-step verification (2SV) by default, rolling most of its users over to the the new security feature before the year is out. That means, using ‘Password1’ – or any of these other trash passwords for that matter – will no longer cut it.
Google announced it finally had enough of trash passwords back in May. It said so long as you provide a secondary email or phone number, it would be starting to automatically enable 2SV on your Google Account. 2SV is like two-factor authentication, or 2FA, Google just wants to use a different name.
In a blog post back in October, Google said it would be automatically enrolling 150 million users in two-step verification by the end of the year. 2 million YouTube creators will also be required to turn it on. But there’s still a bunch of people left to make the switch.
To get started, head over to Google’s 2SV page.
Why do you need 2SV?
Put simply? It’s easy for someone to steal your password and 2SV makes it harder. 2-Step Verification can help keep bad guys out, even if they have your password.
To point out the obvious, when a bad person steals your password, they could lock you out of your account and then do some damage such as go through (or even delete) all of your emails, contacts, photos, etc. They could also pretend to be you and send stuff from your name that could be pretty damaging. They can also use your account to reset the passwords for your other accounts (banking, shopping, etc.)
How does two-step verification work?
Signing in to your account will work a little differently.
You’ll enter your password. Whenever you sign in to Google, you’ll still be required to enter your password as usual. But…
You’ll be asked for something else. Then, a code will be sent to your phone via text, voice call, or the Google mobile app. Or, if you have a Security Key, you can insert it into your computer’s USB port.
During sign-in, you can choose not to use 2SV again on that particular computer. From then on, that computer will only ask for your password when you sign in. When you or anyone else tries to sign in to your Google account from another computer, 2SV will be required.
How does 2SV protect me?
Two-step verification is basically just an extra layer of security.
“In addition to passwords, we know that having a second form of authentication dramatically decreases an attacker’s chance of gaining access to an account,” Google says, adding “2SV is strongest when it combines both ‘something you know’ (like a password) and ‘something you have’ (like your phone or a security key).”
Google has provided a quick Security Checkup to make sure your account has the right settings in place for 2SV, so head over there and get cracking with the switch to two-step verification.
This post has been updated since it was first published.